CVE-2021-33604
CVE-2021-33604 affects Vaadin Flow Server in development mode handler. The vulnerability is caused by a URL encoding error in the development mode handler of com.vaadin:flow-server, affecting versions 2.0.0–2.6.1 (Vaadin 14.0.0–14.6.1) and 3.0.0–6.0.9 (Vaadin 15.0.0–19.0.8). The underlying issue ...